Stop using CRYPTO_gcm128_init() and stack allocated GCM128_CONTEXT.

Since struct gcm128_context is not exposed via a public header, there is no way CRYPTO_gcm128_init() can actually be used properly. Instead, use CRYPTO_gcm128_new() and CRYPTO_gcm128_free_bird()^WCRYPTO_gcm128_release() (naming consistency is apparently hard).
author: jsing <> 2025-05-16 14:03:49 +0000
committer: jsing <> 2025-05-16 14:03:49 +0000
commit: eb5c53320fccbc6f107456158d2502df15583df0 (patch)
tree: aad8ac901cb9592388e65872697224733a3a59ff /src
parent: 547135fd10dd231b2c7f80009d84a27996b6f245 (diff)
download: openbsd-eb5c53320fccbc6f107456158d2502df15583df0.tar.gz
openbsd-eb5c53320fccbc6f107456158d2502df15583df0.tar.bz2
openbsd-eb5c53320fccbc6f107456158d2502df15583df0.zip
1 files changed, 16 insertions, 16 deletions
diff --git a/src/regress/lib/libcrypto/gcm128/gcm128test.c b/src/regress/lib/libcrypto/gcm128/gcm128test.c
index def7653c7b..78631979fe 100644
--- a/src/regress/lib/libcrypto/gcm128/gcm128test.c
+++ b/src/regress/lib/libcrypto/gcm128/gcm128test.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: gcm128test.c,v 1.7 2022/09/05 21:06:31 tb Exp $       */
+/*      $OpenBSD: gcm128test.c,v 1.8 2025/05/16 14:03:49 jsing Exp $    */
 /* ====================================================================
 * Copyright (c) 2010 The OpenSSL Project.  All rights reserved.
 *
@@ -57,11 +57,6 @@
 #include <openssl/aes.h>
 #include <openssl/modes.h>
-/* XXX - something like this should be in the public headers. */
-struct gcm128_context {
-        uint64_t opaque[64];
-};
 struct gcm128_test {
        const uint8_t K[128];
        size_t K_len;
@@ -856,7 +851,7 @@ struct gcm128_test gcm128_tests[] = {
 static int
 do_gcm128_test(int test_no, struct gcm128_test *tv)
 {
-        GCM128_CONTEXT ctx;
+        GCM128_CONTEXT *ctx;
        AES_KEY key;
        uint8_t *out = NULL;
        size_t out_len;
@@ -873,13 +868,16 @@ do_gcm128_test(int test_no, struct gcm128_test *tv)
        if (out_len != 0)
                memset(out, 0, out_len);
-        CRYPTO_gcm128_init(&ctx, &key, (block128_f)AES_encrypt);
-        CRYPTO_gcm128_setiv(&ctx, tv->IV, tv->IV_len);
+        if ((ctx = CRYPTO_gcm128_new(&key, (block128_f)AES_encrypt)) == NULL)
+                err(1, "CRYPTO_gcm128_new");
+        CRYPTO_gcm128_setiv(ctx, tv->IV, tv->IV_len);
        if (tv->A_len > 0)
-                CRYPTO_gcm128_aad(&ctx, tv->A, tv->A_len);
+                CRYPTO_gcm128_aad(ctx, tv->A, tv->A_len);
        if (tv->P_len > 0)
-                CRYPTO_gcm128_encrypt(&ctx, tv->P, out, out_len);
+                CRYPTO_gcm128_encrypt(ctx, tv->P, out, out_len);
-        if (CRYPTO_gcm128_finish(&ctx, tv->T, 16)) {
+        if (CRYPTO_gcm128_finish(ctx, tv->T, 16)) {
                fprintf(stderr, "TEST %d: CRYPTO_gcm128_finish failed\n",
                    test_no);
                goto fail;
@@ -891,12 +889,12 @@ do_gcm128_test(int test_no, struct gcm128_test *tv)
        if (out_len != 0)
                memset(out, 0, out_len);
-        CRYPTO_gcm128_setiv(&ctx, tv->IV, tv->IV_len);
+        CRYPTO_gcm128_setiv(ctx, tv->IV, tv->IV_len);
        if (tv->A_len > 0)
-                CRYPTO_gcm128_aad(&ctx, tv->A, tv->A_len);
+                CRYPTO_gcm128_aad(ctx, tv->A, tv->A_len);
        if (tv->C_len > 0)
-                CRYPTO_gcm128_decrypt(&ctx, tv->C, out, out_len);
+                CRYPTO_gcm128_decrypt(ctx, tv->C, out, out_len);
-        if (CRYPTO_gcm128_finish(&ctx, tv->T, 16)) {
+        if (CRYPTO_gcm128_finish(ctx, tv->T, 16)) {
                fprintf(stderr, "TEST %d: CRYPTO_gcm128_finish failed\n",
                    test_no);
                goto fail;
@@ -909,6 +907,8 @@ do_gcm128_test(int test_no, struct gcm128_test *tv)
        ret = 0;
 fail:
+        CRYPTO_gcm128_release(ctx);
        free(out);
        return (ret);
 }
author	jsing <>	2025-05-16 14:03:49 +0000
committer	jsing <>	2025-05-16 14:03:49 +0000
commit	eb5c53320fccbc6f107456158d2502df15583df0 (patch)
tree	aad8ac901cb9592388e65872697224733a3a59ff /src
parent	547135fd10dd231b2c7f80009d84a27996b6f245 (diff)
download	openbsd-eb5c53320fccbc6f107456158d2502df15583df0.tar.gz openbsd-eb5c53320fccbc6f107456158d2502df15583df0.tar.bz2 openbsd-eb5c53320fccbc6f107456158d2502df15583df0.zip

diff --git a/src/regress/lib/libcrypto/gcm128/gcm128test.c b/src/regress/lib/libcrypto/gcm128/gcm128test.c index def7653c7b..78631979fe 100644 --- a/src/regress/lib/libcrypto/gcm128/gcm128test.c +++ b/src/regress/lib/libcrypto/gcm128/gcm128test.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: gcm128test.c,v 1.7 2022/09/05 21:06:31 tb Exp $ */	1	/* $OpenBSD: gcm128test.c,v 1.8 2025/05/16 14:03:49 jsing Exp $ */
2	/* ====================================================================	2	/* ====================================================================
3	* Copyright (c) 2010 The OpenSSL Project. All rights reserved.	3	* Copyright (c) 2010 The OpenSSL Project. All rights reserved.
4	*	4	*
@@ -57,11 +57,6 @@
57	#include <openssl/aes.h>	57	#include <openssl/aes.h>
58	#include <openssl/modes.h>	58	#include <openssl/modes.h>
59		59
60	/* XXX - something like this should be in the public headers. */
61	struct gcm128_context {
62	uint64_t opaque[64];
63	};
64
65	struct gcm128_test {	60	struct gcm128_test {
66	const uint8_t K[128];	61	const uint8_t K[128];
67	size_t K_len;	62	size_t K_len;
@@ -856,7 +851,7 @@ struct gcm128_test gcm128_tests[] = {
856	static int	851	static int
857	do_gcm128_test(int test_no, struct gcm128_test *tv)	852	do_gcm128_test(int test_no, struct gcm128_test *tv)
858	{	853	{
859	GCM128_CONTEXT ctx;	854	GCM128_CONTEXT *ctx;
860	AES_KEY key;	855	AES_KEY key;
861	uint8_t *out = NULL;	856	uint8_t *out = NULL;
862	size_t out_len;	857	size_t out_len;
@@ -873,13 +868,16 @@ do_gcm128_test(int test_no, struct gcm128_test *tv)
873		868
874	if (out_len != 0)	869	if (out_len != 0)
875	memset(out, 0, out_len);	870	memset(out, 0, out_len);
876	CRYPTO_gcm128_init(&ctx, &key, (block128_f)AES_encrypt);	871
877	CRYPTO_gcm128_setiv(&ctx, tv->IV, tv->IV_len);	872	if ((ctx = CRYPTO_gcm128_new(&key, (block128_f)AES_encrypt)) == NULL)
		873	err(1, "CRYPTO_gcm128_new");
		874
		875	CRYPTO_gcm128_setiv(ctx, tv->IV, tv->IV_len);
878	if (tv->A_len > 0)	876	if (tv->A_len > 0)
879	CRYPTO_gcm128_aad(&ctx, tv->A, tv->A_len);	877	CRYPTO_gcm128_aad(ctx, tv->A, tv->A_len);
880	if (tv->P_len > 0)	878	if (tv->P_len > 0)
881	CRYPTO_gcm128_encrypt(&ctx, tv->P, out, out_len);	879	CRYPTO_gcm128_encrypt(ctx, tv->P, out, out_len);
882	if (CRYPTO_gcm128_finish(&ctx, tv->T, 16)) {	880	if (CRYPTO_gcm128_finish(ctx, tv->T, 16)) {
883	fprintf(stderr, "TEST %d: CRYPTO_gcm128_finish failed\n",	881	fprintf(stderr, "TEST %d: CRYPTO_gcm128_finish failed\n",
884	test_no);	882	test_no);
885	goto fail;	883	goto fail;
@@ -891,12 +889,12 @@ do_gcm128_test(int test_no, struct gcm128_test *tv)
891		889
892	if (out_len != 0)	890	if (out_len != 0)
893	memset(out, 0, out_len);	891	memset(out, 0, out_len);
894	CRYPTO_gcm128_setiv(&ctx, tv->IV, tv->IV_len);	892	CRYPTO_gcm128_setiv(ctx, tv->IV, tv->IV_len);
895	if (tv->A_len > 0)	893	if (tv->A_len > 0)
896	CRYPTO_gcm128_aad(&ctx, tv->A, tv->A_len);	894	CRYPTO_gcm128_aad(ctx, tv->A, tv->A_len);
897	if (tv->C_len > 0)	895	if (tv->C_len > 0)
898	CRYPTO_gcm128_decrypt(&ctx, tv->C, out, out_len);	896	CRYPTO_gcm128_decrypt(ctx, tv->C, out, out_len);
899	if (CRYPTO_gcm128_finish(&ctx, tv->T, 16)) {	897	if (CRYPTO_gcm128_finish(ctx, tv->T, 16)) {
900	fprintf(stderr, "TEST %d: CRYPTO_gcm128_finish failed\n",	898	fprintf(stderr, "TEST %d: CRYPTO_gcm128_finish failed\n",
901	test_no);	899	test_no);
902	goto fail;	900	goto fail;
@@ -909,6 +907,8 @@ do_gcm128_test(int test_no, struct gcm128_test *tv)
909	ret = 0;	907	ret = 0;
910		908
911	fail:	909	fail:
		910	CRYPTO_gcm128_release(ctx);
		911
912	free(out);	912	free(out);
913	return (ret);	913	return (ret);
914	}	914	}